Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:oracle:communications_application_session_controller:3.9m0p3:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-11987 |
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Published: February 24, 2021; 1:15:11 PM -0500 |
V3.1: 8.2 HIGH V2.0: 6.4 MEDIUM |
CVE-2020-28052 |
An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. Published: December 17, 2020; 8:15:12 PM -0500 |
V3.1: 8.1 HIGH V2.0: 6.8 MEDIUM |